Return-Path: 
 <users-return-113068-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-users-archive@www.apache.org
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id DF84D1806C
	for <apmail-httpd-users-archive@www.apache.org>;
 Fri,  4 Mar 2016 13:30:35 +0000 (UTC)
Received: (qmail 24212 invoked by uid 500); 4 Mar 2016 13:30:32 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 24175 invoked by uid 500); 4 Mar 2016 13:30:32 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 24165 invoked by uid 99); 4 Mar 2016 13:30:32 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO
 spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Mar 2016 13:30:32 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org)
 with ESMTP id 044E4C6793
	for <users@httpd.apache.org>; Fri,  4 Mar 2016 13:30:32 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.179
X-Spam-Level: *
X-Spam-Status: No, score=1.179 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	HTML_MESSAGE=2, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled
Authentication-Results: spamd1-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx2-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new,
 port 10024)
	with ESMTP id bfcmB9P-_a8G for <users@httpd.apache.org>;
	Fri,  4 Mar 2016 13:30:31 +0000 (UTC)
Received: from mail-lb0-f169.google.com (mail-lb0-f169.google.com
 [209.85.217.169])
	by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS
 id 928435F39E
	for <users@httpd.apache.org>; Fri,  4 Mar 2016 13:30:30 +0000 (UTC)
Received: by mail-lb0-f169.google.com with SMTP id bc4so60912839lbc.2
        for <users@httpd.apache.org>; Fri, 04 Mar 2016 05:30:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc;
        bh=KetECkT79qgZbEVXxlT+d98wq+YifEd8QiF9fI+Ll8Q=;
        b=sLZb/tQrN4S853hFcar3eSFzlqdqTnB0hBwQs27MowNDDg9jFmr6fuTJKvmqwwBs3r
         dLZjvgfBYSBibsCNt1inkMCfIh0XT6KV9SFpykA7dynEC6WkI5TNEAYXJkdJIS5dwaG3
         SQcLAclxza0Syh3gH1u7OKd8TaUaCUq/ve6ki+Kzu+h/3LtuA/Vb8ZBD9rkbT80KSO3d
         7mqAcEO2egPpG354gnlgcCaA2Ki0html8eChyAl5hCL+n7hNqxC9u7hOZueKpnxklmGR
         lOQHgJkDaEW1hnF/TECwIDiMs+5hmCuVqRV4YUXuSp4FNN7kN4Y6iXmu6htU97RX5te9
         xaFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:date
         :message-id:subject:from:to:cc;
        bh=KetECkT79qgZbEVXxlT+d98wq+YifEd8QiF9fI+Ll8Q=;
        b=AWFcwldgH3VgxDURPPfU3N3GZxFi9g+1cpNUVzYcTk2s9Wk5XZ2PZpeVzoaxKiaXJn
         Hm8HYxTw47UtJTiz/LMh4Emk/m9PswZMxG/+wkddNFYkwoXk9oj/O94z5oTTH99b7hxv
         9Jw41G7/WP/LY7Rz0DadRp6ybvRwKSsr2wQXhapdV9Sgv1j+mpaKaontTUamvb8wTj5y
         +TFCME8wLhH9nazt00Ox09T2j06QtKcYmXCzPJjc4zcwp2vXZdsaVl0HexYnfyVDIXtp
         l2E9+hxHZDzYXPMYh9GIsycGL2coKjXu/vJsWI7jypn/qxhajzCBntDMgHwjezdKpkxV
         iRgQ==
X-Gm-Message-State: 
 AD7BkJLBZcA0w5ujhr3FlTfIVRM5+CnzOj5UYr+DHI42c7keg2TUWz66ThsdeNXj/TQwYniZLZNdW/Bg6v6agg==
MIME-Version: 1.0
X-Received: by 10.25.146.197 with SMTP id u188mr2962460lfd.139.1457098222691;
 Fri, 04 Mar 2016 05:30:22 -0800 (PST)
Received: by 10.25.31.135 with HTTP; Fri, 4 Mar 2016 05:30:22 -0800 (PST)
In-Reply-To: 
 <CAHti5NHO21GvW1B6a_kuNzUkxWpqjZyEt+2d-00Oyfjw7wEOfw@mail.gmail.com>
References: 
 <1798894757.3228202.1457044265613.JavaMail.yahoo.ref@mail.yahoo.com>
	<1798894757.3228202.1457044265613.JavaMail.yahoo@mail.yahoo.com>
	<CAGBAQ46xKuSmeJ=rbPegA-=WFYuzPwftuMrS5f0uhGDBnfG_Qg@mail.gmail.com>
	<CAHti5NHO21GvW1B6a_kuNzUkxWpqjZyEt+2d-00Oyfjw7wEOfw@mail.gmail.com>
Date: Fri, 4 Mar 2016 14:30:22 +0100
Message-ID: 
 <CAFedD42mjZ+hCXvbxF430ZZouNZbiWtmP5X09hoNZwGvr9Zr8Q@mail.gmail.com>
From: Luca Toscano <toscano.luca@gmail.com>
To: users@httpd.apache.org
Cc: "schnappiwololo@yahoo.com" <schnappiwololo@yahoo.com>
Content-Type: multipart/alternative; boundary=001a114035aef76dca052d391d67
Subject: Re: [users@httpd]

--001a114035aef76dca052d391d67
Content-Type: text/plain; charset=UTF-8

Hello!

2016-03-04 9:30 GMT+01:00 Daniel <dferradal@gmail.com>:

> Files where directives are defined do not matter at all, what matters is
> the "Context" in which they are placed, that is server config, virtualhost,
> directory, etc, If you look at the official docs all directives have a
> specific context in which they can be used.
>

Adding some details about what Daniel was referring to:
http://httpd.apache.org/docs/2.4/sections.html



> On Thu, Mar 3, 2016 at 5:31 PM, schnappiwololo@yahoo.com.INVALID <
>> schnappiwololo@yahoo.com.invalid> wrote:
>>>
>>>
>>> Apache options like "SSLProtocol", "SSLCipherSuite", and
>>> "HonorCipherOrder" among others can be put in both
>>> /etc/apache2/apache2.conf (Debian based) or
>>> etc/apache2/mods-available/ssl.conf (or even the virtual host configuration
>>> file).
>>>
>>> Which location should these server wide SSL settings be
>>> optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and
>>> more importantly if the settings conflict in these two files/ locations
>>> which setting/file takes precedence?
>>>
>>>
My personal view: I would place them only where they are needed (i.e. if
you have only one Virtual host listening on port 443 with all the SSL
directives in there). For the precedence question, please check the above
link!

Hope that makes sense!

Luca

--001a114035aef76dca052d391d67
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hello!<br><div class=3D"gmail_extra"><br><div class=3D"gma=
il_quote">2016-03-04 9:30 GMT+01:00 Daniel <span dir=3D"ltr">&lt;<a href=3D=
"mailto:dferradal@gmail.com" target=3D"_blank">dferradal@gmail.com</a>&gt;<=
/span>:<br><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.=
8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-st=
yle:solid;padding-left:1ex"><p dir=3D"ltr">Files where directives are defin=
ed do not matter at all, what matters is the &quot;Context&quot; in which t=
hey are placed, that is server config, virtualhost, directory, etc, If you =
look at the official docs all directives have a specific context in which t=
hey can be used.</p></blockquote><div><br></div><div>Adding some details ab=
out what Daniel was referring to: <a href=3D"http://httpd.apache.org/docs/2=
.4/sections.html">http://httpd.apache.org/docs/2.4/sections.html</a>=C2=A0<=
/div><div><br></div><div>=C2=A0</div><blockquote class=3D"gmail_quote" styl=
e=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(2=
04,204,204);border-left-style:solid;padding-left:1ex"><div class=3D""><div =
class=3D"h5"><div class=3D"gmail_quote"><blockquote class=3D"gmail_quote" s=
tyle=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rg=
b(204,204,204);border-left-style:solid;padding-left:1ex"><div class=3D"gmai=
l_extra"><div class=3D"gmail_quote">On Thu, Mar 3, 2016 at 5:31 PM, schnapp=
iwololo@yahoo.com.INVALID <span dir=3D"ltr">&lt;<a href=3D"mailto:schnappiw=
ololo@yahoo.com.invalid" target=3D"_blank">schnappiwololo@yahoo.com.invalid=
</a>&gt;</span> wrote:<blockquote class=3D"gmail_quote" style=3D"margin:0px=
 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);bor=
der-left-style:solid;padding-left:1ex"><div style=3D"color:rgb(0,0,0);font-=
family:HelveticaNeue-Light,&#39;Helvetica Neue Light&#39;,&#39;Helvetica Ne=
ue&#39;,Helvetica,Arial,&#39;Lucida Grande&#39;,sans-serif;font-size:13px;b=
ackground-color:rgb(255,255,255)"><div><br></div><div dir=3D"ltr">Apache op=
tions like &quot;SSLProtocol&quot;, &quot;SSLCipherSuite&quot;, and=20
&quot;HonorCipherOrder&quot; among others can be put in both=20
/etc/apache2/apache2.conf (Debian based) or etc/apache2/mods-available/ssl.=
conf (or even the virtual host configuration file).<br>
<br>
Which location should these server wide SSL settings be optimally/conventio=
nally placed (ssl.conf or apache2.conf)?=20
Furthermore and more importantly if the settings conflict in these two=20
files/ locations which setting/file takes precedence?</div><div dir=3D"ltr"=
><br></div></div></blockquote></div></div></blockquote></div></div></div></=
blockquote><div><br></div><div>My personal view: I would place them only wh=
ere they are needed (i.e. if you have only one Virtual host listening on po=
rt 443 with all the SSL directives in there). For the precedence question, =
please check the above link!</div><div><br></div><div>Hope that makes sense=
!</div><div><br></div><div>Luca</div><div>=C2=A0</div></div><br></div></div=
>

--001a114035aef76dca052d391d67--